GLOSSARY CCNP SWITCH
Auto-QoS An automated method to configure
20/80 rule Network traffic pattern where 20 percent
of traffic stays in a local area, while 80 percent
travels to or from a remote resource.
802.1Q A method of passing frames and their VLAN
associations over a trunk link, based on the IEEE
802.1Q standard.
AAA Authentication, authorization, and accounting
services used to control user access to a switch or a
switch port.
access layer The layer of the network where end
users are connected.
active virtual forwarder (AVF) A GLBP router that
takes on a virtual MAC address and forwards traffic
received on that address.
active virtual gateway (AVG) The GLBP router that
answers all ARP requests for the virtual router
address and assigns virtual MAC addresses to each
router in the GLBP group.
adjacency table A table used by CEF to collect the
MAC addresses of nodes that can be reached in a
single Layer 2 hop.
alternate port In RSTP, a port other than the root
port that has an alternative path to the root bridge.
ARP poisoning Also known as ARP spoofing. An
attack whereby an attacker sends specially crafted
ARP replies so that its own MAC address appears as
the gateway or some other targeted host. From that
time on, unsuspecting clients unknowingly send
traffic to the attacker.
between switches.
complex QoS parameters with a simple IOS macro
command.
autonegotiation A mechanism used by a device and
a switch port to automatically negotiate the link
speed and duplex mode.
autonomous mode AP An access point that operates
in a standalone mode, such that it is autonomous
and can offer a functioning WLAN cell itself.
BackboneFast An STP feature that can detect an
indirect link failure and shorten the STP convergence
time to 30 seconds by bypassing the Max Age
timeout period.
backup port In RSTP, a port that provides a
redundant (but less desirable) connection to a
segment where another switch port already
connects.
best effort delivery Packets are forwarded in the
order in which they are received, regardless of any
policy or thenpacket contents.
BPDU Bridge protocol data unit; the data message
exchanged by switches participating in the Spanning
Tree Protocol.
BPDU filtering Prevents BPDUs from being sent or
processed on a switch port.
BPDU Guard An STP feature that disables a switch
port if any BPDU is received there.
bridging loop A condition where Ethernet frames are
forwarded endlessly around a Layer 2 loop formed
broadcast domain The extent of a network where a
single broadcast frame or packet will be seen.
CAM Content-addressable memory; the high-
performance table used by a switch to correlate
MAC addresses with the switch interfaces where
they can be found.
CDP Cisco Discovery Protocol; a Cisco proprietary
protocol used to advertise and discover directly
connected devices automatically
CEF Cisco Express Forwarding; an efficient topology-
based system for forwarding IP packets.
collapsed core A network design where the core and
distribution layers are collapsed or combined into a
single layer of switches.
collision domain The extent within a network that an
Ethernet collision will be noticed or experienced.
Common Spanning Tree (CST) A single instance of
STP defined in the IEEE 802.1Q standard.
community VLAN A type of secondary private VLAN;
switch ports associated with a community VLAN can
communicate with each other.
Control and Provisioning Wireless Access Point
(CAPWAP) A standards-based tunneling protocol
used to transport control messages and data packets
between a wireless LAN controller (WLC) and a
lightweight access point (LAP). CAPWAP is defined in
RFC 4118.
core layer The “backbone” layer of the network
where all distribution layer switches are aggregated.
CoS marking Class of service marking; a method of
marking frames with a QoS value as they cross a
trunk link between two switches.
CSMA/CA Carrier sense multiple access collision
avoidance. The mechanism used in 802.11 WLANs by
which clients attempt to avoid collisions.
CSMA/CD Carrier sense multiple access collision
detect. A mechanism used on Ethernet networks to
detect collisions and cause transmitting devices to
back off for a random time.
delay The amount of time required for a packet to
be forwarded across a network.
designated port One nonroot port selected on a
network segment, such that only one switch
forwards traffic to and from that segment.
DHCP Dynamic Host Configuration Protocol; a
protocol used to negotiate IP address assignment
between a client and a server. The client and server
must reside on the same VLAN.
DHCP relay A multilayer switch that intercepts and
relays DHCP negotiation messages between a client
and a DHCP server, even if they exist on different
VLANs.
DHCP snooping A security feature that enables a
switch to intercept all DHCP requests coming from
untrusted switch ports before they are flooded to
unsuspecting users.
DHCPv6 A DHCP service that is compatible with IPv6
clients; a switch can assign IPv6 addresses and
advertise DHCP-related options.
DHCPv6 Lite A DHCP service that is compatible with
IPv6 clients; IPv6 addresses are obtained through
stateless autoconfiguration, but DHCP-related
options are advertised through the DHCPv6 Lite
server.
differentiated services (DiffServ) model Packet
forwarding is handled according to local QoS policies
on a per-device or per-hop basis.
discarding state In RSTP, incoming frames are
dropped and no MAC addresses are learned.
distribution layer The layer of the network where
access layer switches are aggregated and routing is
performed.
DTP Dynamic Trunking Protocol; a Cisco proprietary
method of negotiating a trunk link between two
switches.
dual core A network design that has a distinct core
layer made up of a redundant pair of switches.
duplex mismatch A condition where the devices on
each end of a link use conflicting duplex modes.
duplex mode The Ethernet mode that governs how
devices can transmit over a connection. Half-duplex
mode forces only one device to transmit at a time, as
all devices share the same media. Full-duplex mode
is used when only two devices share the media, such
that both devices can transmit simultaneously.
Dynamic ARP inspection (DAI) A security feature
that can mitigate ARP-based attacks. ARP replies
received on untrusted switch ports are checked
against known, good values contained in the DHCP
snooping database.
edge port In RSTP, a port at the “edge” of the
network, where only a single host connects.
end-to-end VLAN A single VLAN that spans the
entire switched network, from one end to the other.
EtherChannel A logical link made up of bundled or
aggregated physical links.
EtherChannel Guard A feature that can detect errors
in the EtherChannel configuration on a switch.
expedited forwarding (EF) The DSCP value used to
mark time-critical packets for premium QoS
handling. EF is usually reserved for voice bearer
traffic.
FIB Forwarding Information Base; a CEF database
that contains the current routing table.
flooding An Ethernet frame is replicated and sent
out every available switch port.
forward delay The time interval that a switch spends
in the Listening and Learning states; default 15
seconds.
hello time The time interval between configuration
BPDUs sent by the root bridge; defaults to 2 seconds.
hierarchical network design A campus network that
is usually organized into an Access layer, a
distribution layer, and a core layer.
host port A switch port mapped to a private VLAN
such that a connected device can communicate with
only a promiscuous port or ports within the same
community VLAN.
HSRP active router The router in a Hot Standby
Router Protocol (HSRP) group that forwards traffic
sent to the virtual gateway IP and MAC address.
HSRP standby router A router in an HSRP group that
waits until the active router fails before taking over
that role.
IEEE 802.1X The standard that defines port-based
authentication between a network device and a
client device.
IEEE 802.3 The standard upon which all generations
of Ethernet (Ethernet, Fast Ethernet, Gigabit
Ethernet, 10-Gigabit Ethernet) are based.
inter-VLAN routing The function performed by a
Layer 3 device that connects and forwards packets
between multiple VLANs.
IP Service Level Agreement (IP SLA) A feature within
Cisco IOS that can be used to test how specific types
of traffic are being handled end to end across a
network.
IP SLA responder A network device that responds to
and participates in IP SLA tests.
ISL Inter-Switch Link; a Cisco proprietary method of
tagging frames passing over a trunk link.
isolated VLAN A type of secondary private VLAN;
switch ports associated with an isolated VLAN are
effectively isolated from each other.
IST instance Internal spanning-tree instance; used by
Multiple Spanning Tree (MST) to represent an entire
region as a single virtual bridge to a common
spanning tree.
jitter The variation in packet delivery delay times.
LACP Link Aggregation Control Protocol; a standards-
based method for negotiating EtherChannels
automatically.
Layer 2 roaming Movement of a WLAN client from
one AP to another, while keeping its same IP
address.
Layer 3 roaming Movement of a WLAN client from
one AP to another, where the APs are located across
IP subnet boundaries.
lightweight access point (LAP) An access point that
runs a lightweight code image that performs real-
time 802.11 operations. An LAP cannot offer a fully
functioning WLAN cell by itself; instead, it must
coexist with a wireless LAN controller.
Lightweight Access Point Protocol (LWAPP) The
tunneling protocol developed by Cisco that is used to
transport control messages and data packets
between a WLC and an LAP.
link-local address An IPv6 address used by a device
for neighbor discovery; link-localnaddresses begin
with the prefix FE80::/10 followed by an interface
identifier in the EUI-64 format. Packets sent from a
link-local address must stay on the local link and not
be forwarded elsewhere.
LLDP Link Layer Discovery Protocol; a standards-
based protocol used to advertise and discover
directly connected devices.
local SPAN A Switched Port Analyzer (SPAN) sesión
configured to mirror traffic from a source interface
or VLAN onto a different interface for monitoring or
analysis purposes.
local VLAN A single VLAN that is bounded by a small
area of the network, situated locally with a group of
member devices.
Loop Guard An STP feature that disables a switch
port if expected BPDUs suddenly go missing.
Management Information Base (MIB) A collection of
information and data that a network device
maintains about itself and its operation. MIB
variables can be read or written through SNMP.
Max Age time The time interval that a switch stores
a BPDU before discarding it or aging it out; the
default is 20 seconds.
MST Multiple Spanning Tree protocol, used to map
one or more VLANs to a single STP instance, reducing
the total number of STP instances.
MST instance (MSTI) A single instance of STP running
within an MST region; multiple VLANs can be
mapped to the MST instance.
MST region A group of switches running compatible
MST configurations.
multichassis EtherChannel (MEC) An EtherChannel
made up of links that are bundled across multiple
switches that are organized as a single logical or
virtual switch.
native VLAN On an 802.1Q trunk link, frames
associated with the native VLAN are not tagged at
all.
network access server (NAS) The function a switch
performs as it intervenes between end users and
AAA servers.
Network Time Protocol (NTP) A mechanism used to
synchronize a device’s time clock with another, more
reliable source.
nonstop forwarding (NSF) A redundancy method
that quickly rebuilds routing information after a
redundant Catalyst switch supervisor takes over.
object identifier (OID) A unique string of digits that
identifies a variable or a tree of variables in a MIB.
packet loss Packets are simply dropped without
delivery for some reason.
packet rewrite Just before forwarding a packet, a
multilayer switch has to change several fields in the
packet to reflect the Layer 3 forwarding operation.
PAgP Port Aggregation Protocol; a Cisco-developed
method for negotiating EtherChannels automatically.
point-to-point port In the Cisco implementation of
RSTP, a full-duplex port that connects to another
switch and becomes a designated port.
PortFast An STP feature used on a host port, where a
single host is connected, that shortens the Listening
and Learning states so that the host can gain quick
access to the network.
power class Categories of PoE devices based on the
maximum amount of power required;mpower
classes range from 0 to 4.
Power over Ethernet (PoE) Electrical power supplied
to a networked device over the network cabling
itself.
primary VLAN A normal Layer 2 VLAN used as the
basis for a private VLAN when it is associated with
one or more secondary VLANs.
private VLAN A special purpose VLAN, designated as
either primary or secondary, which can restrict or
isolate traffic flow with other private VLANs.
promiscuous port A switch port mapped to a private
VLAN such that a connected device can
communicate with any other switch port in the
private VLAN.
PVST Per-VLAN Spanning Tree; a Cisco proprietary
version of STP where one instance of STP runs on
each VLAN present in a Layer 2 switch.
PVST+ Per-VLAN Spanning Tree Plus; a Cisco
proprietary version of PVST that enables PVST,
PVST+, and CST to interoperate on a switch.
quality of service (QoS) The overall method used in
a network to protect and prioritize time-critical or
important traffic.
Remote Authentication Dial-In User Service
(RADIUS) A standards-based protocol used to
communicate with AAA servers.
root bridge The single STP device that is elected as a
common frame of reference for working out a loop-
free topology.
Root Guard An STP feature that controls where
candidate root bridges can be found on a switch.
root path cost The cumulative cost of all the links
leading to the root bridge.
root port Each switch selects one port that has the
lowest root path cost leading toward the root bridge.
Route Processor Redundancy (RPR) A redundancy
mode where a redundant supervisor partially boots
and waits to become active after the primary
supervisor fails.
Route Processor Redundancy Plus (RPR+) A
redundancy mode where a redundant supervisor
boots up and waits to begin Layer 2 or Layer 3
functions.
RPVST+ Also known as Rapid PVST+, where RSTP is
used on a per-VLAN basis; in effect, RSTP replaces
traditional 802.1D STP in the PVST+ operation.
RSPAN Also known as Remote Switched Port
Analyzer, where a SPAN session is split across two
independent switches and mirrored data is
transported over a special purpose VLAN between
them.
RSTP The Rapid Spanning Tree Protocol, based on
the IEEE 802.1w standard.
SDM Switching Database Manager: A Cisco IOS
Software function that configures or tunes memory
table space on a LAN switch platform
secondary VLAN A unidirectional VLAN that can pass
traffic to and from its associated primary VLAN, but
not with any other secondary VLAN.
Simple Network Management Protocol (SNMP) A
protocol used between an SNMPnmanager and an
SNMP agent to obtain data about device operation
or to set configuration parameters.
SNMP agent A process that runs on the network
device being monitored and uses SNMP to provide
data to an SNMP manager.
SNMP inform A message that a network device
sends to alert an SNMP manager about an event or a
failure. The SNMP manager must acknowledge
receipt of the inform by echoing the message back to
the SNMP agent in the device.
SNMP manager A network management system that
uses SNMP to poll network devices for operational
and configuration data.
SNMP trap A message that a network device sends
to alert an SNMP manager about an event or a
failure. The SNMP manager does not need to
acknowledge a trap that it receives.
SPAN Also known as Switched Port Analyzer, where
a switch mirrors traffic from a source interface or
VLAN onto a different interface for monitoring or
analysis purposes.
Spanning Tree Protocol (STP) A protocol
communicated between Layer 2 switches that
attempts to detect a loop in the topology before it
forms, thus preventing a bridging loop from
occurring.
Split-MAC architecture Normal Media Access
Control (MAC) operations are divided into two
distinct locations, the LAP and the WLC, such that
the two form a completely functioning WLAN cell.
SSID Service set identifier; a text string that identifies
a service set, or a group of WLAN devices, that can
communicate with each other.
StackWise Cisco method to connect multiple
switches together to form one logical switch. The
switch stack is controlled by one of the member
switches, while others can take over the role if
needed. Member switches are connected to each
other through a dual ring of StackWise cables.
stateful switchover (SSO) A redundancy mode
where a redundant supervisor fully boots and
initializes, allowing configurations and Layer 2 tables
to be synchronized between an active supervisor and
a redundant one.
sticky MAC address MAC addresses dynamically
learned by the port security feature are remembered
and expected to appear on the same switch ports.
stratum A number that indicates in which layer of
the NTP hierarchy a time source is located; stratum 1
represents the most authoritative and accurate time
source.
superior BPDU A received BPDU that contains a
better bridge ID than the current root bridge.
SVI Switched virtual interface; a logical interface
used to assign a Layer 3 address to an entire VLAN.
switch block A network module or building block
that contains a group of access layer switches,
together with the pair of distribution switches that
connect them.
switch spoofing A malicious host uses DTP to
masquerade as a switch, with the goal of negotiating
a trunk link and gaining access to additional VLANs.
synchronization In RSTP, the process by which two
switches exchange a proposal-agreement handshake
to make sure neither will introduce a bridging loop.
syslog System message logs that are generated by a
switch and can be collected locally or sent to and
collected on a remote server.
syslog severity level An indicator of how important
or severe a logged event is.
TACACS+ (Terminal Access Controller Access-
Control System Plus) A Cisco proprietary protocol
used to communicate with AAA servers.
TCAM Ternary content-addressable memory; a
switching table found in Catalyst switches that is
used to evaluate packet forwarding decisions based
on policies or access lists. TCAM evaluation is
performed simultaneously with the Layer 2 or Layer
3 forwarding decisions.
TCN Topology Change Notification; a message sent
out the root port of a switch when it detects a port
moving into the Forwarding state or back into the
Blocking state. The TCN is sent toward the root
bridge, where it is reflected and propagated to every
other switch in the Layer 2 network.
TLV An attribute formed by type, length, and value
parameters; used in LLDP advertisements.
transparent bridge A network device that isolates
two physical LANs but forwards Ethernet frames
between them.
trust boundary A perimeter in a network, formed by
switches and routers, where QoS decisions take
place. QoS information found inside incoming traffic
is evaluated at the trust boundary; either it is trusted
or it is not trusted. In the latter case, the QoS
information can be altered or overridden. All devices
inside the trust boundary can assume that QoS
information is correct and trusted, such that the QoS
information already conforms to Enterprise policies.
UDLD Unidirectional Link Detection; a feature that
enables a switch to confirm that a link is operating
bidirectionally. If not, the port can be disabled
automatically.
unknown unicast flooding The action taken by a
switch when the destination MAC address cannot be
found; the frame is flooded or replicated out all
switch ports except the receiving port.
UplinkFast An STP feature that enables access layer
switches to unblock a redundant uplink when the
primary root port fails.
VACL VLAN access control list; a filter that can
control traffic passing within a VLAN.
logical switch. The two chassis are managed by one
supervisor, while the other can take over if needed.
The switch chassis are connected with VSS links and
can be geographically separated.
VLAN Virtual LAN; a logical network existing on one
or more Layer 2 switches, forming a single broadcast
domain.
VLAN hopping A malicious host sends specially
crafted frames that contain extra, spoofed 802.1Q
trunking tags into an access port, while the packet
payloads appear on a totally different VLAN.
VLAN number A unique index number given to a
VLAN on a switch, differentiating it from other
VLANs on the switch.
VLAN trunk A physical link that can carry traffic on
more than one VLAN through logical tagging.
voice VLAN The VLAN used between a Cisco IP
Phone and a Catalyst switch to carry voice traffic.
VRRP backup router A router in a VRRP group that
waits until the master router fails before taking over
that role.
VRRP master router The router in a VRRP group that
forwards traffic sent to the virtual gateway IP and
MAC address.
VSPAN Also known as VLAN-based Switched Port
Analyzer, where a switch mirrors traffic from a
source VLAN onto a different interface for
monitoring or analysis purposes.
VLAN configuration information among a group of
switches.
VTP configuration revision number An index that
indicates the current version of VLAN information
used in the VTP domain; a higher number is more
preferable.
VTP domain A logical grouping of switches that share
a common set of VLAN requirements.
VTP pruning VTP reduces unnecessary flooded traffic
by pruning or removing VLANs from a trunk link, only
when there are no active hosts associated with the
VLANs.
VTP synchronization problem An unexpected VTP
advertisement with a higher configuration revision
number is received, overriding valid information in a
VTP domain.
wireless LAN controller (WLC) A Cisco device that
provides management functions to lightweight
access points and aggregates all traffic to and from
the LAPs.

Virtual Switching System (VSS) Cisco method to join VTP VLAN Trunking Protocol; used to communicate
two separate physical switch chassis together as one